Authentication type per user

What I want to do is has per-user authentication types. The system default
is to do public key authentication, however, some users don't understand the
concept of carrying around a private key or creating one, so I would like
those users to use password authentication. Unfortunately, after using a
"match user" in my sshd_config, I was not allowed to add
"PasswordAuthentication yes". Anyone know how to overcome this?

As for my second issue for today, I was wondering how one might do the
following: publickey authentication followed by password authentication. I
have enabled both in my sshd_config, but it seems that only one is used to
authenticate at a time, as though a user can choose what to use. I want it
so both are required to get in, so the login screen might look like so:

Re: IPSEC with non-domain Server... with kerberos performing digital signature validation using the on-file ... public keys for "something you have" authentication.... there is a business process defined called public key ... ... the total stranger has gone to a certification...(microsoft.public.security)

Re: Two-factor authentication with SSH?... > As a system administrator I am responsible for the security and the ... > the passphrase from his certificate.... > password authentication on the server side. ... There has to be some process that registers the public key ... ...(comp.security.ssh)

Re: Single User: Password or Certificate... http://www.garlic.com/~lynn/2004p.html#60 Single User: Password or Certificate...authentication and also a "shared-secret" ... the public/private key issue with hardware tokens has a number of ... the same public key can be registered in different security domains ...(comp.security.ssh)